Full Job Description
We need someone who's equally comfortable in security engineering and AI technology, and who's ready to work closely with IT, security, and data science teams to build AI solutions that are secure, compliant, and built to last.
This role calls for real technical depth, sound judgment, and a proactive approach to risk management. Here's what you'll be doing:
- Monitoring and strengthening the security posture of our AI/ML systems, APIs, and model-serving environments
- Building detection and monitoring capabilities to identify risks such as model misuse, prompt injection, data poisoning, and unauthorized model access
- Partnering with development, operations, and security teams to secure AI environments across their full lifecycle
- Automating security monitoring and remediation workflows for AI systems
- Evaluating and implementing AI security tools and model governance solutions
- Contributing to the development of AI-specific risk frameworks, controls, and policies
- Staying current on the evolving AI risk landscape and supporting security assessments and testing of LLMs and AI services
AI and Security Engineering
• Secure AI/ML model development and deployment environments, including LLMs, vector databases, and training pipelines.
• Build automated tools to detect and mitigate AI-related risks, such as anomalous model outputs and prompt injection attempts.
• Conduct security testing and threat modeling for AI systems.
• Support logging, monitoring, and alerting for AI/ML environments integrated with SIEM/XDR platforms.
• Help design model access controls, encryption, and governance enforcement.
• Assist in developing and enforcing AI-related security policies and procedures.
Innovation
• Question legacy assumptions and recommend AI-native security approaches.
• Identify short- and long-term strategies for securing AI assets in ways that support business value.
• Build security prototypes and proof-of-concepts for emerging AI architectures.
• Stay current on AI security research and turn findings into practical defenses.
Agility
• Adapt as the AI landscape and threat environment continue to evolve.
• Navigate ambiguity in AI risk management and compliance requirements.
• Help business and technical partners adjust to changing AI security requirements.
• Stay responsive and adaptive when incidents involving AI systems arise.
Problem Solving
• Investigate security incidents involving AI-generated outputs or manipulated inputs.
• Apply critical thinking to defend against emerging AI risks.
• Develop layered mitigation strategies across models, APIs, and infrastructure.
• Own problem resolution from start to finish.
Collaboration
• Partner with CyberSecurity analysts, developers, and AI engineers to defend AI systems.
• Mentor peers on emerging risks and best practices in AI/ML security.
• Foster cross-functional alignment to build AI security into enterprise roadmaps.
Communication Skills
• Translate technical AI security issues into business risk language for stakeholders.
• Write clear documentation for detection rules, playbooks, and findings.
• Present AI risk scenarios and mitigation strategies to both technical and non-technical audiences.
Strategic Focus
• Align AI security efforts with Nelnet's business, compliance, and technology goals.
• Serve as a trusted advisor on AI governance, LLM access, and model risk.
• Anticipate future regulatory requirements around AI usage and safety.
• Deliver security solutions that balance innovation with operational integrity.
**Pay Range for this role is - $115,000 -$155,000 dependent on experience and education.
EDUCATION:
Knowledge equivalent to completing a Bachelor's degree in Computer Science or a related field.
EXPERIENCE:
• 3 to 5 years of experience in cybersecurity, security engineering, or risk management.
• Hands-on experience with machine learning systems, LLMs (Anthropic Claude, OpenAI, or open-source models), or AI/ML platforms such as SageMaker, Azure ML, or Vertex AI.
• Familiarity with adversarial machine learning concepts and model risk is preferred.
• Experience with security tools, monitoring platforms, or security automation frameworks.
• Experience in application security, DevSecOps, or secure software development lifecycle (SDLC) is a plus.
COMPETENCIES - SKILLS/KNOWLEDGE/ABILITIES:
Needs:
• Knowledge of security, controls, and computer technology.
• Ability to lead and motivate others.
• Ability to apply statistics and probability to identify problems, trends, and relationships in work-related data.
• Knowledge of at least one computer development language, along with related methodologies and techniques.
• Understanding of AI system architectures and their security implications.
• Scripting or development experience in Python or a similar language.
• Knowledge of AI-specific risk frameworks such as MITRE ATLAS or the OWASP LLM Top 10.
• Strong analytical skills and comfort working with data, logs, and system telemetry.
• Ability to work across teams and lead cross-functional security initiatives.
• Familiarity with regulations governing IT environments.
• Familiarity with regulatory and ethical frameworks around AI security and model governance.
• Familiarity with enterprise LLM deployment and governance, including tools like Claude or similar platforms.
• Familiarity with infrastructure deployment and systems administration.
• Excellent organizational, presentation, verbal, and written communication skills.
• Ability to assess and communicate risk and urgency clearly to both management and engineering staff.
• Strong self-motivation, with the ability to set and follow through on long-term goals.
• Genuine interest in staying technically current and building new expertise.
• Comfortable questioning existing assumptions when it makes sense to do so.
• Openness to changing technology and business needs.
• Sees change as a chance to grow rather than a disruption.
• Ability to adjust communication style to fit the audience.
Wants:
• Knowledge of enterprise risk management and security governance frameworks.
• Familiarity with common security tooling and methodologies.
• Solid understanding of machine learning architectures, LLMs (GPT, LLaMA, Claude), and common AI frameworks such as PyTorch, TensorFlow, or Hugging Face.
-Please note that we are unable to provide visa sponsorship for this position. To be considered, candidates must already be authorized to work in the United States without the need for current or future sponsorship
Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK.